Widespread use of the Internet and electronic mail (e-mail) has left millions of personal computers (PCs) vulnerable to downloaded viruses and other types of malicious software that can destroy programs, copy and upload private documents, and perform other harmful acts, frequently without the PC operator's knowledge. The increasing popularity of downloaded programs has multiplied the problem significantly, since such programs create so many more opportunities to unknowingly download the malicious software.
Due to their open architecture, most PCs provide very little protection against such destructive software. It is this very openness that has made the PC platform the general-purpose solution provider that it is. Other types of computers are also vulnerable to such attacks in varying degrees, but the pervasive use of PCs has drawn much attention to the problem as it applies to PCs.
In the past, owners of copyrighted information or other intellectual property have been reluctant to allow their property to be viewed on the PC platform (books, movies, sensitive corporate documents, etc.) as the nature of the open PC platform makes the property vulnerable to mischievous software that may run in the background. Although self-replicating destructive software (viruses) attracts the most attention, copyright owners are more concerned with the illegal copying and distribution of any document that they permit to be downloaded to a computer. This is particularly true of e-books, or books that are available electronically by downloading the text of those books over a network such as the Internet. The ease of copying documents downloaded into a PC makes it easy to illicitly reproduce and forward copyrighted materials without detection of this activity by the copyright owner.
Typically, protected content in the form of encrypted data is provided (e.g., via the Internet) to a storage subsystem (e.g., main memory, hard disk, etc.), where it is stored for subsequent use. When the data is ready for presentation, it is retrieved from storage and presented to a player for processing. The player is generally software running in the PC. Decryption of the encrypted data can take place in the player, which can also reformat the data. The processed data is then passed to a graphics sub-system, where it is formatted for presentation at a display device, such as a video monitor. Note: although the terms “document” and “display” are used here, this scenario applies equally well to graphics video data and to audio data, such as music, that is played through speakers.
Previous attempts to protect downloaded data have focused primarily on encrypting the data for delivery and storage. However, once the data is decrypted, formatted, and sent to the graphics controller, the bit-image of that data is generally placed in a video memory where the data is repeatedly read out and transmitted to the display device. For reasons of flexibility and usability, the contents of the video memory can generally be read by the PC that implements the player, and by other devices as well. Many graphics controllers also have a secondary interface that also permits both read and write capability of the video memory by other devices, as well as permitting direct transmission of video data.
However, data in the video memory can be captured, and subsequently saved and/or transmitted, for later display in an unauthorized manner. For efficiency of transmission, the offending software that captures the bit-image from video memory may also use the text font maps stored in the PC to interpret the bit image and convert any displayable text back to a standard word processing format. Thus, by using resources freely available in the PC, the supposedly protected data in the graphics controller may be retrieved and stored and/or transmitted to another device, and the retrieved data can be reverse-engineered into a much more compact and usable form before such storage/transmission.
Since many players are in the form of a PC that is vulnerable to modification by maliciously loaded software, this exposure of the graphics subsystem creates a security problem that discourages the use of PCs for any displayable data that needs to be protected, such as copyrighted video material. Once the data is placed in the graphics subsystem, that data is vulnerable to unauthorized monitoring and capture by software that has been illicitly placed in the computer.